UAF 1.2 | Description |
---|---|
Achieved Effect | A dependency relationship that exists between an Actual State (e.g., observed/measured during testing) of an element that attempts to achieve a Desired Effect and an Achiever. |
Achiever | An Actual Resource, Actual Project or Actual Enterprise Phase that can deliver a Desired Effect. |
Actual Condition | The Actual State of an environment or location describing its situation. |
Actual Effect | A real world phenomenon that follows and is caused by some previous phenomenon. |
Actual Enduring Task | An actual undertaking recognized by an enterprise as being essential to achieving its goals - i.e. a strategic specification of what the enterprise does. |
Actual Enterprise Phase | An Actual State that describes the phase of an Enterprise endeavour. |
Actual Environment | The Actual State that describes the circumstances of an Environment. |
Actual Outcome | Something that happens or is produced as the final consequence or product and is related to one of the goals for the business or enterprise. Outcome is a special kind of effect, one that is usually at the end of a chain of effects, i.e. an "end effect". |
Actual Project Role | An Actual Project that is applied to a Project Role. |
Actual Resource | Role in an Organization, where the role carries the authority to undertake a function - though the Actual Organizational Resource given the role has the responsibility. |
Actual Resource Role | An instance of a System Resource. |
Actual Responsibility | The duty required of a Person or Organization. |
Actual Responsible Resource | An abstract grouping of responsible Organizational Resources. |
Actual Service | An instance of a Service Specification. |
Actual State | Abstract element that applies temporal extent to a set of elements realized as Instance Specifications. |
Architecture | An abstract element that represents a generic architecture. Subtypes are Logical Architecture and Physical Architecture. |
Asset | Asset as applied to Security views, an abstract element that indicates the types of elements that can be considered as a subject for security analysis. |
Asset Role | Asset Role as applied to Security views, an abstract element that indicates the type of elements that can be considered as a subject for security analysis in the particular context. |
Capability For Task | An abstraction relationship that asserts that a Capability is required in order for an Enterprise to conduct a phase of an Enduring Task. |
Capability Kind | Enumeration of the possible kinds of Capability. The following are enumeration literals for Capability Kind: Operational, Other, Personnel, Resource, Security, Service, and Strategic. |
Challenge | An existing or potential difficulty, circumstance, or obstacle which will require effort and determination from an enterprise to overcome in achieving its goals. |
Challenge Kind | Enumeration of the possible kinds of Challenge. The following are enumeration literals for ChallengeKind: Business, Enterprise, Mission, Other, and Strategic. |
Compares To | An abstraction relationship relating the effect that is achieved with the originally expected Desired Effect. Providing a means of comparison, between the expectation of the desirer and the actual result. |
Competence To Conduct | An abstraction relationship used to associate a Function with a specific set of Competencies needed to conduct the Function |
Concern | Interest in an Enterprise Phase (Enterprise Phase is synonym for System in ISO 42010) relevant to one or more of its stakeholders. |
Consumes | A Consumes relationship is an abstraction relationship that asserts that a service in someway contributes or assists in the execution of an Operational Activity. |
Creates | A dependency relationship denoting that an Actual Strategic Phase brings into existence a Strategic Asset. |
Data Role | A usage of Data Element that exists in the context of an Resource Asset. It also allows the representation of the whole-part aggregation of Data Elements. |
Driver | A factor which will have a significant impact on the activities, and goals of an enterprise. |
Driver Kind | Enumeration of the possible kinds of Driver. The following are enumeration literals for DriverKind: Operational, Other, Personnel, Project, Resource, Security, Service, Standard, and Strategic. |
Effect | A kind of phenomenon that follows and is caused by some previous phenomenon that could lead to downstream effects or to one or more desired outcomes. |
Enables | A dependency relationship denoting that an Opportunity provides the means for achieving an Enterprise Goal or Objective. |
Enhances | A dependency relationship relating the Tailored Security Control to a Security Control. |
Enterprise Mission | Mission captures at a high level what you will do to realize your vision. |
Enterprise Objective | A statement of an attainable, time-targeted, and measurable target that the enterprise seeks to meet in order to achieve its Goals. |
Evoked By | A dependency relationship denoting that a Risk is drawn out by an Opportunity. |
Fielded Capability | An actual, fully-realized capability. A Fielded Capability is typed by a Capability Configuration. |
Governed By | An abstraction relationship that exists between the ServiceContract and the Service that it governs. |
Impacted By | A dependency relationship denoting that a Capability is affected by an Opportunity. |
Information Role | A usage of Information Element that exists in the context of an Operational Asset. It also allows the representation of the whole-part aggregation of Information Elements. |
Maps To Goal | A dependency relationship denoting that some Strategic Information contributes to achieving an Enterprise Goal or Objective. |
Measurable Element | Abstract grouping for elements that can be measured by applying Measurement Sets to them. |
Mitigation Role | An abstract element that indicates the types of elements that can be considered as a subject for mitigating against a risk. |
Motivated By | A dependency relationship denoting the reason or reasons one has for acting or behaving in a particular way. |
Operational Asset | An abstract element used to group the elements of Operational Agent and Information Element allowing them to own Information Roles. |
Operational Interface | A declaration that specifies a contract between the Nodes it is related to and any other Nodes it can interact with. |
Operational Mitigation | A set of security measures intended to address against specific cyber risks. Comprises a subset of Security Controls that are required to protect the asset at node (Operational Role). |
Operational Signal | An Operational Signal is a specification of a kind of communication between operational performers in which a reaction is asynchronously triggered in the receiver without a reply. |
Opportunity | An existing or potential favorable circumstance or combination of circumstances which can be advantageous for addressing enterprise Challenges. |
Organization In Enterprise | An abstraction relationship relating an Actual Organization to an Actual Enterprise Phase to denote that the Actual Organization plays a role or is a stakeholder in an Actual Enterprise Phase. |
Owns Value | An abstraction relationship denoting that an Actual Organizational Resource owns a Value Item. |
Performs In Context | An abstraction relationship that relates an Operational Action to a Operational Role, or a Function Action to a Resource Role. It indicates that the action can be carried out by the role when used in a specific context or configuration. |
Phases | An abstraction relationship that exists between a Phaseable Element and an Actual Strategic Phase that it is assigned to. |
Presented By | A dependency relationship denoting that a Challenge must be overcome for addressing a Driver. |
Project Activity | An activity carried out during a project. |
Project Activity Action | The Project Activity Action is defined as a call behavior action that invokes the activity that needs to be preformed. |
Project Role | Usage of a Project in the context of another Project. Creates a whole-part relationship. |
Protects | A dependency that asserts that a Security Control is required to protect an Asset. |
Protects In Context | A dependency relationship that relates a Security Control Action to a Operational Role, or a Resource Role. It indicates that Security Control is required to protect an Asset in a specific context or configuration. |
Protocol Stack | A sub-type of Protocol that contains the Protocol Layers, defining a complete stack. |
Required Service Level | A sub type of Actual Service that details a specific service level required of the provider. |
Resource Asset | An abstract element used to group the elements of Resource Performer and Data Element allowing them to own Data Roles |
Resource Interface | A declaration that specifies a contract between the System Resources it is related to and any other System Resources it can interact with. It is also intended to be an implementation of a specification of an Interface in the Business and/or Service layer. |
Resource Mitigation | A set of security measures intended to address specific cyber risks. Comprises a subset of Tailored Security Controls that are used to protect the asset at resource (Resource Role). |
Resource Service | A services that a Resource Performer provides to support higher level Services or Operational Activities. Employee provisioning, backup and recovery, storage, self-service help desk are examples of Resource Services. |
Resource Service Interface | A contract that defines the Resource Methods and Resource Signal receptions that the Resource Services realize. |
Resource Signal | A Resource Signal is a specification of a kind of communication between resources (ResourcePerformers) in which a reaction is asynchronously triggered in the receiver without a reply. |
Risk | A statement of the impact of an event on Assets. It represents a constraint on an Asset in terms of adverse effects, with an associated measure of the likelihood of the event’s occurrence. Software related security risks are those risks that arise from the loss of confidentiality, integrity, or availability of information or information systems. |
Security Constraint | A type of rule that captures a formal statement to define access control policy language. |
Security Control | A type of Operational Activity that specifies a safeguard or countermeasure prescribed for Operational Performer. It is intended to protect the confidentiality, integrity, and availability of its information. |
Security Control Action | A call of a Security Control in the context of another Security Control. It is used to show how a set of Security Controls can be used to protect an asset at node (Operation Role). |
Security Control Family | An element that organizes security controls into a family. |
Security Endave | An element that is a collection of information systems connected by one or more internal networks under the control of a single authority and security policy. The systems may be structured by physical proximity or by function, independent of location. |
Security Process | The security-related procedure that satisfies the security control requirement. |
Security Process Action | A call of a Security Control in the context of another Security Control. It is used to show how a set of Security Controls can be used to protect an asset at node (Node Role). |
Security Risk | The level of impact on enterprise operations, assets, or individuals resulting from the operation of an information system given the potential impact of a threat and the likelihood of that threat occurring [NIST SP 800-65]. |
Sequence | A dependency relationship that asserts one Individual's temporal extent is completely before the temporal extent of another. |
Service Architecture | An element used to denote a model of the Architecture, described from the Services perspective. |
Service Connector | A channel for exchange between two Service Specifications. Where one acts as the consumer of the other. |
Service Contract | A constraint governing the use of one or more Services. |
Service Control Flow | An Activity Edge that shows the flow of control between Service Function Actions. |
Service Exchange | Asserts that a flow can exist between Services (i.e. flows of information, people, materiel, or energy). |
Service Exchange Item | An abstract grouping for elements that defines the types of elements that can be exchanged between Services and conveyed by a Service Exchange. |
Service Exchange Kind | Enumeration of the possible kindsEnumeration of the possible kinds of Service Exchange. The following are enumeration literals for Service Exchange Kind:
|
Service Object Flow | An Activity Edge that shows the flow of Resources (objects/information) between Service Function Actions. |
Service Signal | A specification of a kind of communication between Services in which a reaction is asynchronously triggered in the receiver without a reply. |
Service Signal Property | A property of a Service Signal typed by Service Exchange Item. It enables Service Exchange Item e.g. Operational Information to be passed as arguments of the Service Signal. |
Service Specification | The specification of a set of functionality provided by one element for the use of others. |
Service Specification Role | Usage of a Service Specification in the context of another Service Specification. Creates a whole-part relationship. |
Strategic Constraint | A Rule governing a Capability. |
Strategic Exchange | Asserts that a flow can exist between Actual Strategic Phases (i.e. flows of information, people, materiel, or energy). |
Strategic Information | Knowledge communicated or received concerning a particular fact or circumstance that is strategic in nature that is important or essential in relation to a plan of action. |
Subject Of Risk | An abstract grouping of elements that can be the subject of a Risk. |
Subject Of Security Constraint | An abstract grouping of elements that can be the subject of a Security Constraint. |
Tailored Security Control | A type of Function that implements a Security Control, it specifies a safeguard or countermeasure prescribed for a System Resource. It is intended to protect the confidentiality, integrity, and availability of its information. |
Technology | A sub type of Resource Artifact that indicates a technology domain, i.e. nuclear, mechanical, electronic, mobile telephony etc. |
Value Item | An ideal, custom, or institution that an enterprise promotes or agrees with. It may be positive or negative, depending on point of view. |
Value Item Kind | Enumeration of the possible kinds of Value Item. The following are enumeration literals for Value Item Kind: Benefit, Cost, KPI, Loss, Other, Quality, Revenue, and Time. |
Value Stream | An end-to-end collection of activities that create a result for a customer, who may be the ultimate customer or an internal end-user of the value stream. Value stream nested within another value stream may represent Value Stream Stage - a distinct, identifiable phase or step within a value stream [The Business Architecture Metamodel Guide, 2020]. |
Version Succession | A dependency relationship between two Version Of Configurations that denotes that one Version Of Configuration follows from another. |
Versioned Element | An abstract grouping of System Resource and Service Specification that allows Version Of Configuration to be related to Actual Project Milestones. |